Securing the Lines Of a Wired Nation

By JOHN SCHWARTZ

Published: October 4, 2001

IN the hours of torment and confusion after the attacks on the World Trade Center and the Pentagon, many people making phone calls to or from the affected cities encountered the grating ''All circuits are busy'' recording. E-mail messages, however, seemed to sail through the crisis to their destinations. The smooth traffic was hailed by many experts as testament to the underlying strength of the Internet.

But hold on just one nanosecond. Are we talking about the Internet, referred to by so many other experts as a famously vulnerable, fragile network that can be brought to its knees by college students in the Philippines or a teenager in Canada, with estimates of damage in the billions of dollars?

It is indeed the same Internet, ever a combination of flaky and robust. Fred Cohen, the computer security researcher who first applied the word ''virus'' to malicious software, said that the individual elements of the network were fragile but that the network over all was resilient. ''It's easy to tear a piece of paper,'' he said. ''Try tearing a phone book in half.'' Still, David J. Farber, a computer scientist and former chief technologist at the Federal Communications Commission, said that the Internet's success on Sept. 11 could largely be attributed to the fact that ''nobody attacked it.''

Experts in the emerging field of cyberterrorism say that with such an inviting target, terrorists are bound to take up the hackers' wares. What will happen when an attacker with real resources and a deep desire to do harm grabs the keyboard?

It may not take long to find out, and the vulnerability may go far beyond Web sites or e-mail.

According to a report last week by the Institute for Security Technology Studies, founded last year at Dartmouth, ''U.S. retaliatory strikes for the tragic Sept. 11 events may result in cyberattacks against the American electronic infrastructure.'' While such attacks may amount to no more than familiar nuisances -- like hackers' defacing Web pages or tying up sites by overwhelming them with traffic -- ''the potential exists for much more devastating cyberattacks,'' the report said.

Those who watch trends in computer crime and terrorism say that the two are coming together with potentially catastrophic results. Richard A. Clarke, who will head cyberterrorism efforts for the Bush administration's Homeland Security Council, said in a speech last December that the government had to make cybersecurity a priority or face a ''digital Pearl Harbor.''

In 1997, the President's Commission on Critical Infrastructure Protection noted that telephone networks and the Internet were increasingly the bonds of the world's economy, for everything from financial operations to the supply of water and power.

Consequently, it said, ''a computer can cause switches or valves to open and close, move funds from one account to another, or convey a military order almost as quickly over thousands of miles as it can from next door, and just as easily from a terrorist hideout as from an office cubicle or military command center.''

For Tom Marsh, who was the commission's chairman, the worst-case scenarios are nightmarish: a determined coalition of hackers, he said, could disrupt 911 service, air traffic control, the power-switching centers that move electricity around the country, rail networks and more. ''It's a major undertaking,'' said Mr. Marsh, a retired Air Force general, ''but it's not beyond the realm of possibility.'' The complexity of the attacks on the World Trade Center and the Pentagon, he said, showed that ''even terrorist organizations can conduct very well-organized and sophisticated attacks.''

''We said in our report we didn't foresee an electronic Pearl Harbor, and I still don't,'' he said. ''But I do believe that as cybercrime progresses, over time the terrorists are going to get more and more interested in it and see it as a very possible opportunity to cause major disruption.''

Those who have worked in cyberintelligence say that the attention to the subject is timely. ''Up until the 11th, people like me would talk in terms of the growing threat of transnational attack -- the prospect of new forms of terrorism -- and the basic reaction was, 'Yeah, yeah, yeah, but that's theoretical,' '' said Jeffrey A. Hunker, dean of the Heinz School of Public Policy and Management at Carnegie Mellon University and formerly the senior director for protection of critical infrastructure at the National Security Council.

Since the attacks, he said, it has become clear that ''there are clearly transnational organizations that are incredibly capable of executing sophisticated operations and are enormously creative and innovative.'' That, in turn, ''makes much more real the possibility of new techniques or new types of terrorist attacks,'' including cyberterror, he said. ''We're sitting on a cyber time bomb,'' he said.

Some experts have warned, for example, that systems accessible to the Internet like power grids could be brought down by a determined hacker, though as Mr. Farber put it, ''it's a lot easier to throw a hand grenade down the highway south of San Jose and take out a major power station'' than to do so by modem. And most would put cyberattacks in a different category from the weapons of mass destruction associated with visions of catastrophic terrorism; these are not nuclear arms, nerve gas or germs. Instead, many experts now call them weapons of mass disruption.

''People aren't going to be killing us with computers,'' Mr. Hunker said, ''but our life may be hell because of computer attacks.''